VYPR
High severity8.6NVD Advisory· Published Sep 11, 2018· Updated Jun 17, 2026

CVE-2018-2463

CVE-2018-2463

Description

The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions 6.*, is vulnerable to server-side request forgery (SSRF) attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.